Posted
by
Soulskillon Monday May 24, 2010 @03:54PM
from the too-many-people-who-don't-care dept.

Trailrunner7 writes "One of the more trite and oft-repeated maxims in the software industry goes something like this: We're not focusing on security because our customers aren't asking for it. They want features and functionality. When they ask for security, then we'll worry about it. Not only is this philosophy doomed to failure, it's now being repeated in the realm of privacy, with potentially disastrous effects. A quick search of recent news on the privacy front reveals that just about all of it is bad. Facebook is exposing users' live chat sessions and other data to third parties. Google is caught recording not only MAC address and SSID information from public Wi-Fi hotspots, but storing data from the networks as well. But the prevailing attitude among corporate executives in these cases seems to be summed up by Google CEO Eric Schmidt, who famously said this not too long ago: 'If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.' If you look beyond the patent absurdity of Schmidt's statement for a minute, you'll find another old maxim hiding underneath: Blame the user. You want privacy? Don't use our search engine/photo software/email application/maps. That's our data now, thank you very much. Oh, you don't want your private chats exposed to the world? Sorry, you never told us that."

A big problem is simply NAT. Non-technical people are not going to set up port forwarding. This basically broke the Internet, and pushed its development in undemocratic directions.

UPnP partially fixes this, but opens up a whole bunch of other problems, which are even worse.

IPv6 is supposed to fix this for real, but I don't count on it because IPv4 is "good enough," and I bet that it'll be easier for people to keep throwing NAT and subdomains at the problem. E.g., companies don't need to bother maintaining their own webservers and having their own public IPs; the way things are going they'll just point people to "facebook.com/companyName" (I heard an ad do this on the radio yesterday, in fact).

Really though, it is possible to connect to existing P2P networks through NAT without any extra configuration. Why should a P2P social network suddenly make the exist solutions to the problem infeasible or more difficult to support?

the way things are going they'll just point people to "facebook.com/companyName"

At least that's more professional than the ad I recently heard advertising a company's @gmail.com email address. I mean, they let you use your own domain with Google Apps and it's completely free (basic edition anyway). How do people who use Gmail in their businesses not realize this?

This wasn't a user page though; it was literally "facebook.com/companyName," and the company was actually a big one -- something like "Verizon" or the like. I sensed it was less a "we're too poor to have a website" move and more a "all the cool kids are on facebook so we should be there" move.

No, we would be in IT support hell, maintaining our dads and moms P2P servers......

I do maintain computers/routers for my family members. I've done it for years. The lack(?) of P2P hasn't changed that at all.

But, supposing that P2P was some kind of nightmare to deal with... Why couldn't we make it work better? Build protocols that played nicer with NAT tables... Or build UPnP that works better... Or just throw out the whole IPv4 thing and go to v6?

If we had continued improving on P2P instead of giving in to centralized servers we wouldn't be there...

Alright, I know that a few projects like Diaspora are supposed to utilize this but I am still largely confused by this. Peer to peer implies that by owning my own personal data, it is on my home computer or laptop. Some people only have a laptop and some people like to power down their machines when they're away. So this seems to imply that you need to either have this disseminated to other peers in order for people to access it while you're offline. On top of that if you're disseminating photos or videos, this could get crazy for upload speed. So then your stuff is on another person's machine and who knows if they didn't just take and modified the Diaspora code to record all your stuff. Can you trust their node anymore than Facebook? Sure, it might be encrypted but it's hard to believe that it wouldn't be susceptible to a man in the middle attack or eventually crack the encryption by brute force. So you're kind of at that point back to the same problem as you are with entrusting Google or Facebook with your data. Otherwise you need to pay for a dedicated hosting server and they're not going to be cheap if you're miss popular with thousands of photos and that's not really P2P.

So how was P2P supposed to fix this problem? Especially for people with just a laptop or even like my parents who have a dial up connection out on a farm house with very tiny upload bandwidth. I'm just not getting a clear picture of how the average person would handle this.

There are a few ways P2P would solve the problem. The first that comes to mind is that it would reduce the incentive to undermine privacy, since the social network would not be funded by the sale of personal data (or data derived from personal data). It would also increase the cost of undermining privacy, since people would not just be throwing their data at a single centralized datacenter.

As for distributing the data across the network, it is very easy to solve that problem cryptographically. You encrypt your data, and the decryption key is distributed as part of the "friending" process. In theory, if your friends are out to get you and want your privacy to be undermined, they could distribute the key further, but this is not much different than the current situation, where they could just copy your data from a website and hand it out to people.

As for distributing the data across the network, it is very easy to solve that problem cryptographically. You encrypt your data, and the decryption key is distributed as part of the "friending" process. In theory, if your friends are out to get you and want your privacy to be undermined, they could distribute the key further, but this is not much different than the current situation, where they could just copy your data from a website and hand it out to people.

The difference there is that your relatively small key holds the potential for everything on your page. If someone copies and mails a few pics of me, big deal. But that key could be easily copied and sent covertly with the copier taking their sweet time to look at all my stuff -- and for how long before I catch on? And how long before key collecting viruses run rampant and phone home to a black market provider's server where all Diaspora data is cached? The killer there is that you'd never even know and two if you had to change your key then you need to refriend everyone to get the key out. I understand how asymmetric key encryption works in PGP but that requires that you have a single person you are sending the message to... do you need to build a PGP public/private key for each of your friends? Then I guess my next question is where does this decryption take place? Obviously it has to take place on your friend's box otherwise the people in the middle would have your key and your unencrypted data. So your friend logs on to check out your picture on Facebook... but he's on his netbook so he has to wait to get the encrypted data then decrypt the data on a possibly low CPU intensive device.

And then when people start posting unlicensed songs and movies to their pages you'll have the MPAA and RIAA trying to sue the crap out of everyone ever connected to it and then they'll start caching as a Diaspora node... and wait for legal action to get a potential file sharer's key by court order...

I don't know, my imagination just takes off sometimes but it's not like your proposed method is a silver bullet for Social Networking... there's gotta be a lot of storage donated from people getting absolutely nothing in return from using that storage. My gigs of pictures need to be hosted by dogooders who have no access to them when I'm offline and my friends want to see them. I just don't see that sort of mentality happening. People seed on bittorrent because they can use the files that they're seeding but they're not going to be able to use my encrypted files that people might want when I'm offline nor will I be able with a netbook to help them out with hosting their files.

The difference there is that your relatively small key holds the potential for everything on your page.

Why does it have to be a global key?

I understand how asymmetric key encryption works in PGP but that requires that you have a single person you are sending the message to... do you need to build a PGP public/private key for each of your friends?

Why not, it's cheap? You don't have 1M friend either...

Then I guess my next question is where does this decryption take place? Obviously it has to take place on your friend's box otherwise the people in the middle would have your key and your unencrypted data. So your friend logs on to check out your picture on Facebook... but he's on his netbook so he has to wait to get the encrypted data then decrypt the data on a possibly low CPU intensive device.

It's not so much about encryption solution (that could be worked out anyway) as it is about access control.

The main question is actually how are update going to be disseminated and validated chronologically... beyond that it's already an improvement on the current situation.

And then when people start posting unlicensed songs and movies to their pages you'll have the MPAA and RIAA trying to sue the crap out of everyone ever connected to it and then they'll start caching as a Diaspora node... and wait for legal action to get a potential file sharer's key by court order...

FreeNet integration?Popular files get spread more...

I don't know, my imagination just takes off sometimes but it's not like your proposed method is a silver bullet for Social Networking...

Nothing is, just much better socially than what we currently have, let's talk about its weaknesses and improve on them:-)

there's gotta be a lot of storage donated from people getting absolutely nothing in return from using that storage.

Oh, like everyone's hard drive is not on average 70% empty or such?

My gigs of pictures need to be hosted by dogooders who have no access to them when I'm offline and my friends want to see them. I just don't see that sort of mentality happening.

The concept of being offline is not really trendy these days and is going away very rapidly in any case, you should really think about running a small home server like Eben Moglen suggested in that case to solve the issue.

People seed on bittorrent because they can use the files that they're seeding but they're not going to be able to use my encrypted files that people might want when I'm offline nor will I be able with a netbook to help them out with hosting their files.

Some people also don't upload on Bittorrent cause they are selfish fools. If we want this to work, just like FOSS, we need to have enough people willing to share bandwidth for the model to work.

And it seems like P2P and FOSS has proven to work up till now quiet well in that respect despite the morons... And in a social case you'd be dealing with your friends who are much more willing to share with/for you.

In theory, if your friends are about as technologically inclined as most people, they could distribute the key further, but this is not much different than the current situation, where they could just copy your data from a website and hand it out to people.

So this seems to imply that you need to either have this disseminated to other peers in order for people to access it while you're offline.

Yep, and you could have close friend in your circle mirror your files / profiles and share them as needed... Or an encrypted fast repository (think, maybe, Firefox weave?) to which you lend a key to those you want to read it.

On top of that if you're disseminating photos or videos, this could get crazy for upload speed.

Well, Bittorent totally solved that issue and with friend mirroring you it'd be awesome.Also, this would help weed out asymmetrical connection in the long run, giving back citizens the expressive voice they deserve.(Fiber to the home is the only viable way forward...)

So then your stuff is on another person's machine and who knows if they didn't just take and modified the Diaspora code to record all your stuff.

They have what you allowed them to have, you won't backup your sex life on your ex's computer if you don't want to...;-)They can hack all they want, a well thought out system with crypto will solve any such issue.

Can you trust their node anymore than Facebook?

Definitively, why would you trust the middle man more than the person with whom you want to share your data?Who are you afraid is going to spy on you, the person who you are sending the data to anyway or the middle man?

Sure, it might be encrypted but it's hard to believe that it wouldn't be susceptible to a man in the middle attack or eventually crack the encryption by brute force.

As discussed, don't share what you don't want where you don't want it and use proper encryption.

So you're kind of at that point back to the same problem as you are with entrusting Google or Facebook with your data. Otherwise you need to pay for a dedicated hosting server and they're not going to be cheap if you're miss popular with thousands of photos and that's not really P2P.

see above...

So how was P2P supposed to fix this problem? Especially for people with just a laptop or even like my parents who have a dial up connection out on a farm house with very tiny upload bandwidth. I'm just not getting a clear picture of how the average person would handle this.

dial up are really on the way out but even with that, their initial upload is akin to sharing it with someone else that might help afterward with spreading the file to whoever else you'd want it shared.

Also, at some point, you can't control the information you release to someone, trying to build a social-DRM system is not going to work anymore than it did for bluray, DVD, music and whatnot...

Then you do not add them to your "friends" list. I see P2P social networking being driven by cryptography, so that your data is replicated across the network but only the people you approve as friends are able to decrypt it. Thus, for Facebook or Google to undermine your privacy, you would have to explicitly allow them to do so -- it would be forced out into the open. Further, there would be few incentives for users to allow a company like Facebook to access their data, since the social networking aspect

I would think (and hope) that customers aren't asking for it because they're not aware of the risks, not because they don't care. Like when people stop using debit cards everywhere only after their card gets duplicated.

I would think (and hope) that customers aren't asking for it because they're not aware of the risks, not because they don't care. Like when people stop using debit cards everywhere only after their card gets duplicated.

This.

Two things are necessary for privacy to really become important to the number crunchers. The first is a direct, measurable impact on individual privacy, which is arguably already happening. Whereas there was an implicit agreement of trust before, you now have essentially no privacy on

Apathy is blamed for a lot of things that people really aren't apathetic about at all. One example is voter turnout: they say 50% of voters stay home because they don't care, when the real reason they stay home is they don't see much if any difference between candidate A and candidate B. It isn't apathy, it's a conscious decision to boycott the system.

As TFA notes, security is another one. People complain about their virus-infested computers so they aren't apathetic, they're simply ignorant; they don't know HOW to not get viruses, and they bitch loudly because they bought NcAffee and Norton and turned Windows firewall on and STILL get viruses because they DLed Metallica-FreeSpeechForTheDumb.MP3.exe and played it by clicking the file. They have no clue that the file is an executable, because Microsoft hides the file extension by default.

The same goes for privacy. As TFA (again) mentions, most users want both privacy AND social networking. As the article summarises: "Blame the user? Here's a better idea: Listen to the user."

The problem is that social networking websites make their money by undermining user privacy; there is simply no incentive to actually listen to the users' complaints about privacy, and for a company that must answer to its investors, there is actually a disincentive to listen to the users. Users want privacy and social networking and social networking websites, and they do not want to pay for those websites -- it is just not possible to meet all of those demands at the same time. Privacy is the easiest thing to drop from the list of user demands you actually meet, since it is not the first thing most people will notice.

The problem is that social networking websites make their money by undermining user privacy;

Since the only exposure that I have had to Facebook and the like is comments on Slashdot and I have never knowingly visited the Facebook website, your comment here strikes me as very odd.

Isn't the POINT of Facebook to get yourself "out there" and be-your-own-celebrity? If so, isn't it contradictory to say "OMG they are stealingj/invading my privacy!" since that's the point of the website in the firs

You overestimate how much the average person cares -- yes, some people skip voting, as a (seriously misguided, IMO) protest boycott. Most of the people who don't vote, however,do so out of apathy, not principle. There's always a third party candidate (at least in the presidential race, and surprisingly often in lesser races) so you can make your voice heard as being in opposition to those parties, and if there were _really_ anything like 50% of people so disgusted with the two parties we currently have, and

One example is voter turnout: they say 50% of voters stay home because they don't care, when the real reason they stay home is they don't see much if any difference between candidate A and candidate B. It isn't apathy, it's a conscious decision to boycott the system.

You're doing it wrong. If you actually care, but don't want to vote for any of the candidates, then you should vote for a third party candidate, write in a vote, or leave the response blank. That shows you are actually willing to do something. Not to mention, a boycott of the voting system doesn't do anything but give more power to the remaining few who do actually vote. Those people aren't going to feel very motivated to push you to vote.

Bitter mods aside this weekend, there's not much of a difference between the two. One you believe what you're told because you enjoy that pov and refuse to look outside your safety box. The other you believe what you're told because you don't know any better, and refuse to examine the data yourself.

Why isn't our private information considered intellectual property? Corporations try to make every aspect of their business protected, why should consumers do the same? I guess it would require a Supreme Court that not only are corporations considered "people" but that people are considered people.

A corporation can distribute data on a DVD or CD and yet claim that it should be illegal for me to copy and pass that data along. Why shouldn't I

Another silly analogy. Imagine that these people made houses. They could say "we're focused on features and functionality that customers are asking for in houses. They inquire about square footage, number of bathrooms and bedrooms, proximity to schools, and so forth. None of them have ever asked about what types of doors or locks they houses have. We will start including doors when customers start asking for them."Of course, the very first customer will say "what the hell, where's the door?" Or if the

my check card (debit card that allows you to run it as a credit card anyplace that accepts mastercard, but takes the money from your account with 0% interest owed instead of racking up money you owe to faceless megacorp with 18% interest) has the exact same protections as a credit card.

I'm not sure where all these debit card stories come from. assuming that they are not urban legends, then perhaps people need to find a better bank.

With a traditional Visa/Mastercard 'debit' card that pulls money from your checking, there are two ways to use that card and pay for your purchase:

Use it like a credit card (you don't type your PIN)

Use it like a debit/atm card (you enter your PIN)

If you use you card as a credit card, you are protected in the same manner as you would with a credit card, you aren't responsible for fraudulent charges above $X.xx and you can dispute charges, etc. If you use it as a debit card, if your PIN is exposed by some 3

In Canada, or at least with TD, I've had fraudulent purchases made with a copy of my Debit Card someone made. They had the PIN and everything apparently. So I contacted the fraud department, and every fraudulent charge was reversed. It took less than a month, and it wasn't even that much, because I noticed it quickly (it was less than $40 at that point).
Additionally, fraudulent transactions made with my web banking are also covered.
Of course debit is, I suppose, different in Canada than in most places,

If you use it as a debit card--snip--you are fully on-the-hook when it comes to losses - if they steal $2000 from your account, you have lost $2000 - there is no disputing charges or limited liability like with a credit card.

I worked at a financial institution, this is completely incorrect. Your liability is limited by law to $50, and most small banks and credit unions just limit it to -0-. Just make sure you have email alerts on so you know your card is being abused & call your bank & police if so.

Here in the UK they're both chip and pin - few retailers will take signed for cards AFAIK. My credit card has had the bit where your signature goes rubbed off for the past couple of years (revealing void void void), and I doubt very much it'll swipe through any magnetic card readers now. I still use it regularly though (I know it's pretty insecure, but if I lose it I'll just phone up and get it cancelled).

In the UK if there are charges which are made to your debit card which you claim are not from negligent acts on your part (like your example), they have to reimburse your account basically immediately, then do the investigations. They are liable for fraudulent access to your account, as long as you've not been negligent. If you voluntarily agreed to the full transaction though, you're out of luck (ie. a business who went bust, or a scammer who didn't fulfil their side of the bargain) - it's just like giving cash to them. Credit cards have more protection though - any transaction over 100ukp you can get back, for almost any reasonable reason, ie. paid and did not get the goods, etc. Transactions under 100ukp are covered in the same way debit transactions are I think.

my check card (debit card that allows you to run it as a credit card anyplace that accepts mastercard, but takes the money from your account with 0% interest owed instead of racking up money you owe to faceless megacorp with 18% interest) has the exact same protections as a credit card.

So, your check card is stolen, your account is zero'd. Now all your legit paid bills bounce. Each individual merchant wants $25 and up, directly from you, for bouncing a check. How does your check card protect you from that? My theory is, it does no such thing.

If I'm being held responsible for the charges after disputing them in both cases? Then obviously it would be more trouble for ME if the thief is spending the bank's money. I have to pay interest on that. Therefore I'm out more of MY money than if they had just spent my money to begin with.

Except it doesn't work that way.

1. You have at least a few weeks to get it worked out before the charge would incur interest in the first place.2. It's generally pretty easy with a credit card to put a stop payment on a fraudulent charge, and when everything gets sorted out you're not out any money.3. Worst case scenario, if your credit card company happens to be the worst one on the planet and tries to leave you hanging (but honestly, I've never heard of a credit card company doing that) you can simply ref

As with most security issues, you need to start the mitigation process at layer 8. That is, you need to educate yourself about your bank's specific policies on what will happen when your card (or the information on it) gets stolen. Since policies vary from bank to bank, you'll need to ask them what your liability will be in different scenarios.

In most cases, credit cards offer more consumer protection in terms of your ability to reverse the charges (charge back) on purchases that you did not authorize. T

The actions made by these companies, right or wrong, are legal. You can't expect companies (or governments... or individuals) to stop doing this if it is convenient, profitable, and legal. We need some legislation that basically says that they can't publish, transmit, or sell personal information without prior consent. And that any such release - intentional or accidental - must be reported to the individual.

In the US, we have such legislation but it only applies to medical information. That is silly - there's just no reason for companies to be giving this stuff out.

Actually, let me go a step further -- they shouldn't even store this information. I walked into Target and returned some merchandise. It was really simple -- because they kept my credit card on file. I never told them they could do that. As I walked away, they said "Thank you [my name]" so they knew that too. Why is it okay for a store clerk to have this? Why did my credit card company give out the credit card number and name? They don't need that. They need to know "User 81234756897 authorized purchase for $57.34 to vendor 9234857 on 2010/05/23 17:24 with authorization #239485768934." That's it. It should have been illegal for my credit card company to even give the information. Then for Target to store it. As a nice side-benefit, this also prevents fraud since no one in the chain can use my credit card.

Has it ever occurred to you that some customers actually like that kind of customer service? That's why you can't just ban everything and make everyone happy - some infringements of privacy have good uses, and some people actually prefer convenience to privacy. Letting the free market sort it out, with some companies offering convenience and others dedicated to privacy, is in my mind the best solution.

And then whichever is less popular will die out as the other reaches critical mass. Either that, or people's data will be fragmented between two very different camps that likely will not be able to interface with one another as one service lacks privacy and the other does not. You'll end up in a situation where half your friends are on one social network and half your friends are on another--you'd be forced to use both services to keep in touch with one group of friends.

that's why i never installed a half dozen different IM clients. ICQ, AIM, Yahoo, MSN, blah blah blah. Anybody not on the one I used must not want to talk to me that much, so email can suffice for them.

Now of course I get all the networks under one communicator, so I do have multiple IM network accounts, but that just reinforces the original point.

"Social Network" and "Privacy" are diametric opposites. They are the modern equivalent of bulletin boards (not electronic ones, I mean the cork thingies you still find at the entrances to many supermarkets) except everyone has fingerprint readers and knows who has posted what.

Social networks exist, as a business model, so you may sell aspects of your privacy in return for the convenience of keeping in touch with your friends. Large-scale sites need money in order to survive, and if you aren't paying them

I agree, if online privacy was really as important to the majority of people as it is to some/. posters there would be companies advertising "guaranteed" privacy the same way they advertise lower prices or whatever other advantage they claim over their competitors. The reason companies don't care is that their customers don't care. Those of us who do just need to be more careful about who we do business with but IMHO it's a losing battle as long as the public awareness of the importance of privacy is nonexistent.

it's a losing battle as long as the public awareness of the importance of privacy is nonexistent.

Well, I hope you are wrong. One good thing about Facebook's recent spastic blunders is that at a few, at least, have realized that privacy is something fragile that deserves some protection. If those of us who care will beat the drum from time to time, others just might wake up. In other words, I'm not yet willing to call it a hopeless battle.

Well take slashdot. It is owned by a for-profit publicly traded corporation. True we don't give our names and addresses but many of do give our personal readily identifiable email address and of course IP and probably 1000s of us can be identified if somebody choose to do so and linked to quite detailed overview of our political and other opinions - valuable data for advertisers, political parties, potential employers and who knows who else. This data will still be there years from now and who knows what can happen with it, the financial incentive is certainly there to sell it. Now, I tend to trust slashdot (famous last words?) but I am just trying to illustrate how difficult it is to truly guard your online privacy unless you are a kind of person who only ever communicates through encrypted messages or something like that.

From my experience, they do. When credit cards first came out, people were afraid to use them because of fraud concerns. Same with the internet. It was only 10 years ago that my grandfather would not enter his credit card into a web site. But today, people take the technology for granted and no longer think it through.

But if you talk to someone, and educate them on the issues, they respond like "what can you do?" And when I explain that a simple change to the credit system, such as generating disposabl

"Making everyone happy" was never on my to-do list. "Not get reamed by the corporatocracy" is on my list and remains there. As much as others might enjoy the familiarity of having complete strangers call them by name, and the convenience of having merchandise instantly charged to their accounts, *I* am selfish enough to sacrifice all those pleasures just so that I might exert a little bit of control over what others know about me.

This is a job for government regulation.
We don't trust the free market with important things like ensuring food safety, protecting the environment, or verifying whether pharmaceuticals are effective. Why should we trust the free market with personal privacy?

Has it ever occurred to you that some customers actually like that kind of customer service?

Nothing I've said decreases the level of customer service. The return could have been done without them saving the credit card number.

Letting the free market sort it out, with some companies offering convenience and others dedicated to privacy, is in my mind the best solution.

I always prefer free market solutions, but I don't see how to make one work here. The free market only works when the buyer is aware. Companies don't tell me what information they disclose about me. I only find out when I suddenly get charges on my credit card because the store clerk got all my credit information, or because some hacker broke into the stores and took it. I would be open to laws that require them to disclose it to me, but I don't want to read a 25-page legal document to buy something from a store. Since there is no benefit to me from them keeping the information (see the first paragraph for the explanation of why) the restrictive solution is the best one.

Actually they probably didn't record your credit-card number. What they probably recorded was the sale number (basically a receipt serial number), the receipt information (what was bought), and the type of credit card and the authorization number. They knew your name because it was recorded off your credit card at the time of sale. To handle the refund they just use the authorization number, which the credit-card company can match to your card (but they won't tell the store the card number, they'll just give out another authorization number for the refund).

Now, the store probably doesn't need to store your name at the time of sale. But if you're paying with a credit card, you know you're leaving a connection between you and that sale anyway so IMO it's not a major thing. If you really want no connection, pay in cash and don't give them any identifying information, not even a phone number.

I think they *could* do it from the authorization number, but I am skeptical that they actually did it that way. I find that places that use the authorization number ask me for my credit card and punch that number in when doing the return. So I think they just store it. Considering that all the online stores do this too, I don't find it unlikely that retail chains are starting that practice.

If the purchase was made with a credit card, store policy is usually to issue an offsetting credit on the same card (though I suppose some might issue other store credit or a corporate cheque when the card charge clears, which is somewhat inconvenient).

If you provided your credit card so the charge could be reversed, they could issue a query to the credit card company by number and amount -- no need to store your card for this (though they prob

The problem is that all the companies are data gorging. The CC Merchants are the worst. They insist that you send them not only the total but a list of what the person is buying. They also monitor your advertising and who links to you on the internet. I use to run a lab supply company. We had a affiliate link when we first went online. The merchant account found two sites that linked to us, these sites were in other countries and were drug related. Well drug related in the US but they appeared to be legal in there country. They killed our account with no warning. $3000 a day in sales through the web site gone. They would not turn it back on and added us to a black list. We were unable to continue selling online. We still have the brick and mortar but the online store it gone. We broke no laws and there was no published list of what not to do.

All in all, not only do they collect all the information on every one and there sales, they spend a lot of time monitoring and collecting information on the stores. They need to be dinged on this, some Merchant accounts go as far as to tell you what products you can and can not carry. The second one we had would not let us carry or sell any pipettes, agar-agar or 10cc syringes that had 1.5" 18 gauge needles on them. They considered them "Drug paraphernalia"

[...]there's just no reason for companies to be giving this stuff out.

...right after saying:

[...]it is convenient, profitable, and legal.

It's also nothing new. Do you think that never before the interwebs was data collected about demographics and metrics? That supply and demand occurred randomly? The internet makes it easier, but fundamental economic relationships have existed as long as economies themselves. Businesses have kept ledgers of their clients and transactions for as long as there has been writing. It was generally in the interests of these businesses to keep such ledgers private, and

Granted. The contradiction was because of my wording. I should have said "There is no benefit to the consumer for companies to be giving this stuff out."

It's also nothing new...

I never said it was. It is just much more dangerous now, due to the scale of it.

hate to break it to you, but your credit card # is your 'user #'

Exactly. That is the part that needs to be changed. Automatically generated numbers, smart cards, etc. solve that problem. But common-sense when handling transactions can minimize it. The store only needs to keep the authorization number, not the credit card number.

...they must know your name because presumably you carry ID against which they could verify that you are who you claim you are.

What innovation is going to fix this? You can't just blithely say that innovation, or technology, or the free market will solve whatever problem is happening. That's the same as those who say that the government will solve it. Just pushing responsibility to someone else.

I made a proposal. You obviously prefer a free market solution. I'm open, let me know what it is.

It should have been illegal for my credit card company to even give the information.

You know, I've got a story on this topic. A couple of months ago I bought a piece of furniture (Ikea, got a nice dresser for a nice price). Upon unpacking it, I discovered it was broken. Given that the store is 60 miles away, I waited awhile before taking it back for an exchange. My wife and I finally made it out to Philadelphia with the broken item in tow, only to realize that while my wife thought she had the receipt on her, she didn't.

No one in the history of anything and anywhere has ever read the entirety of an EULA *and* understood every word of it.

They're the digital equivalent of the guy and the end of the commercials going "side effects may include... nauseavomitinghypertensionswollenheaddeathdepression, anorexiaspontaneoushumancombustionsorethroat, tumourscancerdiabetesparkinsonslossofvisionandnumbness." The stuff said so fast no one can comprehend it... but hey, it's there because the law said so!

and the Track-9 data from your card is the only real proof that you were there for the transaction.

I can see how the number was needed before the systems were electronic. But now, they get an authorization number right away. The Auth# and signature should be sufficient for them to go back and prove the transaction was valid.

I agree with your definition of "private data" and I think that is where we need to go. Private, unless otherwise stated.

Also, food for thought:

Actually, your name and credit card number are both encoded on the mag stripe on your card.

Several people pointed this out to me. I think people assumed that I didn't know because I said that the credit card company gave it to t

Sure there is. Send a GPG encrypted email, and that's private. Or chat over Pidgin-Encryption, that's private too. The internet defaults to public, but it's easy enough to secure your privacy when it matters.

So email isn't private and I should consider it public? No thanks. I'll take the "yes this is my private data" instead. Just because someone can read it doesn't mean it's not private. Just like snail mail is private, yet it's in the open, anyone can open it and read it. But no one would consider that public information.

As for public posting, this is why you create pseudonyms. Even if all the data is accurate except for your name. Just don't give them that. So now they know Nigel Weisnewski from Buffalo NY l

One of the more trite and oft-repeated maxims in the software industry goes something like this: We're not focusing on security because our customers aren't asking for it. They want features and functionality. When they ask for security, then we'll worry about it.

Let me counter that with one the more trie and oft-repeated maxims from businessmen in the 80s: Don't you worry about security, let me worry about blank.

Not only is this philosophy doomed to failure, it's now being repeated in the realm of privacy, with potentially disastrous effects.

And yet Facebook thrives and not until last week did Google offer secure searching and they're a giant. Sounds to me like companies that don't worry about privacy are doing pretty well -- maybe even the industry leaders. Maybe they're on to something about it being unimportant to the consumer?

A quick search of recent news on the privacy front reveals that just about all of it is bad.

Oh give me a break. Ninety percent of news stories are negative. Because it sells eyeballs. Really, do you expect a news article about the really great privacy that Slashdot offers Anonymous Cowards to appear? When privacy works, it's not news. Hell, when privacy is kept intact people don't even know. Your reasoning here is severely flawed.

Facebook is exposing users' live chat sessions and other data to third parties.

Yep, marketing's a bitch, ain't it? But then again, we're getting Facebook for free and I don't think there's been any case of someone suffering serious harm from Facebook dumping a chat to marketing. Certainly unsettling but has there been any sort of actual case of abuse and harm to the user? I use Facebook and I don't care much. I'm putting my data on their servers and they had me agree to some BS impossible to read ToS so I just mitigate that by keeping anything sensitive off it. If Diaspora takes off -- hey, great -- but until I can communicate with all my friends and family on it who are half a continent away no thanks.

Google is caught recording not only MAC address and SSID information from public Wi-Fi hotspots, but storing data from the networks as well.

"Caught?" That's funny. If you don't want to "catch" people "recording" your shit, stop broadcasting it and put some encryption on it and use a hidden SSID. You know, like the hundred or so Slashdot posts have pointed out.

But the prevailing attitude among corporate executives in these cases seems to be summed up by Google CEO Eric Schmidt, who famously said this not too long ago: 'If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.'

"Prevailing?" So prevailing that you need to reference a half a year old quote that is about all we have of that attitude. That's the predominant force out there? Care to come up with more companies using that sentiment? Care to put that quote into context for me [slashdot.org]? Put the pressure on them and the companies will change. Fact is that nobody's putting any pressure on them so why should they stop doing something which allows them to better market to you with ads and make more money?

If you look beyond the patent absurdity of Schmidt's statement for a minute, you'll find another old maxim hiding underneath: Blame the user. You want privacy? Don't use our search engine/photo software/email application/maps. That's our data now, thank you very much. Oh, you don't want your private chats exposed to the world? Sorry, you never told us that.

[citation needed] Prosecutor is leading the witness. Seriously, you're putting words into their mouths. Evil, yes they are. Saying that they claim your data is now theirs by way of their actions is ridiculous. Then from there y

"Caught?" That's funny. If you don't want to "catch" people "recording" your shit, stop broadcasting it and put some encryption on it and use a hidden SSID. You know, like the hundred or so Slashdot posts have pointed out.

It is amazing how people scramble to have them fix their security so my data (which I give them, because it's spelled out in the TOS) is 'secure.' I would have agreed with Schmidt's statement if he instead had said:

'If you have something that you don't want anyone to know, maybe you should

It's not against my moral code nor the laws of my community to be seeing more than one woman at once.

However, out of courtesy, I'd rather be discreet about the second relationship.

(To you fiends who will surely scoff at a basement dweller like me having two women: He said "fer instance". He didn't say it had to be true. I know it's a he, because girls don't say "gimme" and "fer instance", the

There are very few things that I don't want anyone to know, there are a host of things that I don't want everyone to know.

Takes a single trusted 'someone' to disclose your info to everyone. It's a sad, losing battle. People can say 'happy birthday' or 'sorry that your wife died', 'sorry you got fired,' etc and the damage would be done before you could delete the comment and have a chat about what is too sensitive to disclose freely to your other friends.

I think Schmidt flubbed it, what he should have said was: "If you have something that you don't want everyone to know, maybe you shouldn't be broadcasting it in the first place."

Google wasn't hacking into anything, they were connecting to open WiFi networks and collecting information that is necessary to connect to the network . The only thing that was a potential booboo here was they didn't dump the information, instead they chose to save it.

That's why I keep the 'anyone' material in an offline format, typically not even on paper. Not 100% effective, as was hammered home one Monday that I decided to take as a personal day and wander through Sears while countless busybody housewives babbled incessantly to one another about shit that they regarded as scandalous all around me. I now know more about the sex lives of random strangers than I do my own. But keeping it offline is still an improvement over posting the material to the world's first globa

You know it's funny. These guys spin the word privacy so much that the idea of sharing becomes twisted. Yes I want to share; But with friends, not with faceless businesses so they can solicit me. The idea that these two things are inseparable is idiotic. I share my personal pictures with friends. That doesn't mean I want them beamed to the world.

All of these sites need to stop playing stupid. They know wtf is going on and they know what people want. The problem is their customers are not their users, so the

I can remember very vividly GM and Ford (and Chrysler and even Packard) saying basically the same things about cars - they could put in safety features, but they didn't because there was no customer demand for it. This was, mind, when cars had metal dashboards and spear-your-heart driving wheels. This went on until the Federal Government started forcing changes, and until Volvo and other foreign manufacturers started making sales touting safety. I expect to see a similar story arc about piracy on-line.

Federal safety standards are pitiful compared to insurance company standards.

Federal standards mandate airbags, but only for the driver, not the passenger or side airbags they've been putting in. All of that is coming from the insurance industry - and except for the fact that all drivers must have insurance, it's completely free market. Things like better crumple zones and such are all designed to boost their ratings with insurance companies, because people look at how much the insurance is going to cost them when they think about buying a car.

There's no reason that we can't have a reasonable expectation of privacy, even in our online lives. Especially from a technical standpoint. If I share some photos with 10 people, and one of those people decides to copy that photo into an email and send it off to 100 people, then that's a social failure, not a technical one. People I trusted betrayed my trust, on a social level.

But on a technical level, I should be able to share videos or photos or journal posts with a small group of trusted people, and be reasonably secure in the idea that only they will see them. That advertisers won't have access to that photo, that an api won't be able to pull the data without permission, etc. There's nothing extraordinary about that requirement, and that it's treated as absurd and unreasonable shows how far we've fallen from a basic perspective on internet privacy.

Open source can fill the gap. Our incentive, as open source software developers, is to provide the best software possible, and to not skimp on important features like privacy and security. We aren't trying to cater to advertisers, or to build empires based on fads and hype. I've been working on an open source, distributed social networking alternative to Facebook (and Myspace and other "walled gardens") that called Appleseed that focuses on strong privacy.

But most of all, by distributing these services, and allowing users to cancel their profile on one site, sign up for another site, and plug right back into the network they lost, it creates a level of competition so that social networking sites *have* to listen to the concerns of their users. They can't take them for granted. Not just in social networking, if we can continue push for open standards, open protocols, open platforms, etc., it means we have some leverage when a popular service decides to privilege it's revenue stream over the privacy of it's users.

There's no technical way to guarantee privacy and anonymity... quite the opposite: technology should be used to increase transparency.

Privacy is to be respected. If someone doesn't respect your privacy, then by all means take socio-political-legal action. But you sort of have to implicitly trust your infrastructure provider - be it your ISP, your phone company, your email provider, etc. to not abuse your trust. And by all means don't use that infrastructure to transmit anything you don't trust them wit

There's no identifiable information in your MAC or SSID. So big deal there. If you don't want your packets sniffed, it's easy enough to enable encryption. If you don't want your emails shared with marketers, no one is forcing you to use GMail. No one is forcing you to use Facebook for that matter either. These companies provide a service that's free to you, but in exchange for your privacy. If you don't know that's the deal, you have no one to complain to but yourself.

It's really quite trivial to maintain your privacy on the internet. Use encryption whenever possible, and don't use services from companies who's business model is selling your information. Problem solved.

I am all for the world deserves more privacy, privacy laws should exist, etc..."trust" me! But jokes aside, there will always be entities that operate outside what we consider the ideal privacy as long as they are allowed to do so. The problem is not that of each company's policy: since when did we decide that each respective business should and would always hold itself to a hig

Sorry, but please take some responsibility for yourself. If in fact there is something so important that you don't want anyone to know, then don't do it online, PERIOD. This is nothing new and there are very few if any technological measures that can ever be deployed that will guarantee that your privacy / security will ever be secure. The level of hassle involved with making really improbable-to-break security is really hard and requires diligence on the part of the individual. If Vista taught us anything, it is that users do NOT want real security. They want to do what they want and not worry about how the system does it. Well guess what? The system isn't perfect and neither is the security. We live with the imperfection for the sake of simplicity.

"Facebook is exposing users' live chat sessions"This was a defect in their IM system. This could happen in EVERY SINGLE store and forward based messaging system (AKA basically all of them).If you expect each facebook user to generate their own Public/Private key then you're diluted (plus it breaks the online chat thing unless you're sharing your private key with facebook which would defeat the purpose).If you expect software to be perfect then you're an idiot.

"and other data to third parties"You agree to this when you clicked through their EULA (which is your fault).

"MAC address and SSID information from public Wi-Fi hotspots..."Data was wide open (which is your fault) and the company erroneously captured it.

"and other data to third parties"
You agree to this when you clicked through their EULA (which is your fault).

This is something I've been wondering about for a while, I'd love if anyone can enlighten me.

My country has a constitutional provision saying everyone has the right to know their rights. I don't believe the US constitution has such a provision but I'm sure there's something similar in the legal system. Anyway, I'm wondering about the highly complex legal language used in EULAs and the like. Does

Google is an advertising/marketing company. Their motives and actions are consistent with advertising/marketing companies. They seem to be more "generous" than many other advertising/marketing companies in that they give away better "swag" but they are still an advertising/marketing company... and a very successful one at that.

Within their motives you can determine your expectations of them... and altruism isn't one of them.

Eric Schmidt, who famously said this not too long ago: 'If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.'

Less famous than the quote was the context: "All online services hold some amount of data, and the Patriot Act allows the government to access this data, so it's best for you to keep it offline"; but of course reasonable and helpful suggestions don't make good headlines...

IANAL but privacy is not explicit in the US constitution; however the Supremes have found that it is implicitly there; e.g., the Fourth amendment is about privacy even though it doesn't contain the word "privacy." You might appreciate the Wikipedia [wikipedia.org] article.

No he's not, at least not when taken out of context. There are a lot of things I don't want people to know. I color my hair, for example. I'd rather people just think I'm not quite as old as I am (or conversley, I'd rather people not think I'm older than I really am). Hair coloring isn't an illegal act, or even immoral for that matter.

Put into context:

If you shouldn't do something, or don't want people to know about something, you probably shouldn't do it in public.

Now, if you were to substitute "public web site" or "public places on the internet" or even "in a business establishment" for public, you'd be talking about the same thing. See, these are public places, and there's really no expectation of privacy except a wink and a nod.

Now, lets change that and make it a place you own. Your own bedroom. Your own living room. Your cabin in the mountains. Your own server. You can do just about anything you want. Clip that ugly toenail. Watch Glee. Revel in mounted animal heads. Store all your balloon porn. But if you're going to go do those things in the local pub, you probably shouldn't be thinking that they are private.

See, most of these sites are "free" (as in beer). Even if they didn't make money on selling your eyeballs and preferences for marketing, they still wouldn't be private places. There are places on the internet which are private. You can sign up and encrypt all your stuff, and keep the key. But they're not convenient for sharing. Just as drinking a fifth of Jack in your kitchen isn't nearly as much fun as drinking it in a bar with fifty friends.

Privacy isn't dead, it just needs a bit of explaining. Just remember - if you didn't pay for it, it's probably not a private place.